AMENDMENTS TO THE CLAIMS 

The listing of claims below will replace all prior versions and listings of claims in this 

application. Please amend the claims as follows: 

1 . (Currently Amended) A method comprising: 

obtaining clear form rights information at a client device, said clear form rights 
information being associated with content stored at said client device; 

obtaining, by said client device, an external key comprising an integrity secret, 
wherein said integrity secret is vulnerable based at least in part on its being known to at least 
an external server device; 

obtaining a clear form external integrity hash of first data comprising: 
said clear form rights information and 
said external key, 

wherein said clear form external integrity hash is vulnerable based at least in 
part on said vulnerability of said externally-known integrity secret; 
obtaining an internal integrity hash of second data comprisingi 

said clear form rights information, 

said clear form external integrity hash, and 

an externally inaccessible client device key, 

wherein said externally inaccessible client device key is not accessible outside 
said client device and said internal integrity hash is not vulnerable based on a relative 
comparison with said vulnerability of said externally-known integrity secret; 
encrypting said internal integrity hash using said externally inaccessible client device 
key; and 

storing the encrypted internal integrity hash on the client device. 

2. (Previously Presented) The method of claim 1 wherein obtaining the clear form external 
integrity hash comprises: 

receiving the clear form external integrity hash from said external server device. 

3. (Previously Presented) The method of claim 1 wherein obtaining the internal integrity hash 
comprises: 

generating the internal integrity hash on the client device. 
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4. (Previously Presented) The method of claim 1 further comprising storing said clear form 
external integrity hash on the client device. 

5. (Previously Presented) The method of claim 1 further comprising receiving the external 
key at the client device. 

6. (Previously Presented) The method of claim 2 wherein said extemd key comprises a 
server device key. 

7. (Canceled) 

8. (Original) The method of claim 1 further comprising: 

receiving, at the client device, a content key for the content; 
encrypting the content key using the client device key to generate an encrypted 
content key; and 

storing the encrypted content key on the client device. 

9. (Previously Presented) The method of claim 1 further comprising: 

generating a validation hash from at least the clear form rights information; 
decrypting the encrypted internal integrity hash to recover the internal integrity hash; 

and 

comparing the validation hash to the internal integrity hash to detect tampering with 
the rights information. 

10. (Original) The method of claim 9 further comprising: 

disabling the content on the client device if tampering is detected. 

11. (Previously Presented) The method of claim 1 further comprising: 

storing the clear form rights information on the client device. 

12. (Previously Presented) The method of claim 10 further comprising: 

reading the clear form rights information from the client device to the external server 

device. 

13. (Previously Presented) The method of claim 1 wherein the clear form rights information 
comprises usage information, the method further comprising: 

tracking usage of the content; 

updating the clear form rights information with changes in usage; and 
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for each update of the clear form rights information: 

re-obtaining the internal integrity hash of second data comprising the updated 
clear form rights information, said clear form extemd integrity hash, and said 
externally inaccessible client device key; and 

re-encrypting, and re-storing the intemal integrity hash on the client device. 

14. (Previously Presented) The method of claim 1 wherein the intemal integrity hash 
comprises a Hash Message Authentication Code (HMAC). 

15. (Original) The method of claim 1 wherein the client device key comprises a code 
embedded in hardware of the client device having no externally accessible data path. 

16. (Original) The method of claim 1 wherein the client device comprises at least one of an. 
MPS player, a personal data assistant, and cellular phone. 

17. (Previously Presented) The method of claim 1 further comprising at least one of: 

downloading the clear form rights information from the external server device; and 
installing a storage medium having the clear form rights information stored thereon. 

18. (Previously Presented) The method of claim 1 wherein the clear form rights information 
grants unlimited play for the content on the client device. 

1 9. (Original) The method of claim 3 wherein generating the internal integrity hash 
comprises generating the intemal integrity hash in tmsted hardware. 

20-33. (Canceled) 

34. (Currently Amended) A client device comprising: 

a register operative to store a client device key, said register being externally 
inaccessible from the client device; 

a memory operative to store content and clear form rights information associated with 
the content, said memory being externally accessible; 

hash circuitry operative to: 

obtain a clear form external integrity hash of first data comprising the clear 

form rights information and an extemal key as an integrity secret; and 



Hug, Joshua D. - Rights Enforcement and 
Usage Reporting on a Ghent Device 



4/27 



Attorney Docket No. REAL-2006053 
(RN109) 



obtain an internal integrity hash of second data comprising the clear form 
rights information, the clear form external integrity hash, and the externally 

inaccessible client device key; and 

encryption circuitry operative to encrypt the internal integrity hash using the client 
device key; 

said memory being further operative to store the encrypted hash, 
wherein said integrity secret is vulnerable based at least in part on its being known to 
at least an external server device, wherein said clear form external integrity hash is 
vulnerable based at least in part on said vulnerability of said externally-known integrity 

secret, and wherein said internal integrity hash is not vulnerable based on a relative 
comparison with said vulnerability of said externally-known integrity secret. 

35. (Previously Presented) The client device of claim 34 wherein the hash circuitry is 

operative to obtain the clear form external integrity hash from said external server device. 

36. (Previously Presented) The client device of claim 34 wherein the hash circuitry is 
operative to generate the internal integrity hash on the client device. 

37. (Canceled) 

38. (Previously Presented) The client device of claim 34, said memory being further 
operative to store the clear form external integrity hash. 

39. (Previously Presented) The client device of claim 35 wherein the external key comprises 
a server device key. 

40. (Canceled) 

41. (Previously Presented) The client device of claim 34 wherein the encryption circuitry is 
further operative to encrypt a content key for the content using the client device key; and the 
memory is further operative to store the encrypted content key on the client device. 

42. (Previously Presented) The client device of claim 34 wherein 

the hash circuitry is operative to generate a validation hash from at least the clear 
form rights information; and 

the encryption circuitry is further operative to decrypt the encrypted hash to recover 
the internal integrity hash; 
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the client device further comprising: 

a comparator to compare the validation hash to the internal integrity hash to 

detect tampering with the clear form rights information. 

43. (Original) The client device of claim 42 further comprising: 

a content controller to disable the content on the client device if tampering is 

detected. 

44. (Canceled) 

45. (Previously Presented) The client device of claim 34 wherein the rights information 
comprises usage information, the client device further comprising: 

tracking circuitry to track usage of the content £ind update the clear form rights 
information with changes in usage; 

wherein the hash circuitry and the encryption circuitry are further operative to 
regenerate, re-encrypt, and re-store the internal integrity hash in the memory for each update 
of the rights information. 

46. (Original) The client device of claim 34 wherein the client device comprises at least one 
of an MP3 player, a personal data assistant, and cellular phone. 

47. (Previously Presented) The client device of claim 34 further comprising at least one of: 

an input port to download the clear form rights information from the external server 
device; and 

a storage medium port to receive a storage medium having the clear form rights 
information stored thereon. 

48. (Original) The client device of claim 47 wherein the memory at least partially comprises 
the storage medium. 

49. (Currently Amended) A non-transitory machine readable medium having stored thereon 
machine executable instructions, the execution of which to implement a method comprising: 

receiving clear form rights information at a client device, said rights information 
being associated with content stored on the client device, said client device having a client 
device key that is extemally inaccessible from the client device; 

storing the clear form rights information on the client device; 
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obtaining an external key comprising an integrity secret, wherein said integrity secret 
is vulnerable based at least in part on its being known to at least an external server device; 

obtaining a clear form external integrity hash of first data comprising the clear form 
rights information and said external key; 

obtaining an internal integrity hash of second data comprising said clear form rights 
information, said clear form external integrity hash, and an externally inaccessible client 
device key; 

encrypting the internal integrity hash using the externally inaccessible client device 
key; and 

storing the encrypted internal integrity hash on the client device, 
wherein said integrity secret is vulnerable based at least in part on its being known to 
at least an external server device, wherein said clear form external integrity hash is 
vulnerable based at least in part on said vulnerability of said externally-known integrity 
secret, and wherein said internal integrity hash is not vulnerable based on a relative 
comparison with said vulnerability of said externally-known integrity secret. 

50. (Currently Amended) The non-transitory machine readable medium of claim 49 wherein 
obtaining the integrity hash comprises: 

receiving the clear form external integrity hash from said external server device. 

51. (Cun ently Amended) The non-transitory machine readable medium of claim 49 wherein 
obtaining the internal integrity hash comprises: 

generating the internal integrity hash on the client device. 

52. (Currently Amended) The non-transitory machine readable medium of claim 49 further 
comprising storing said clear form external integrity hash on the client device. 

53. (Canceled) 

54. (Currently Amended) The non-transitory machine readable medium of claim 50 wherein 
said external key comprises a server device key. 

55. (Canceled) 

56. (Currently Amended) The non-transitory machine readable medium of claim 49 wherein 
the method further comprises: 
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receiving, at the client device, a content key for the content; 
encrypting the content key using the client device key to generate an encrypted 
content key; and 

storing the encrypted content key on the client device. 

57. (Currently Amended) The non-transitory machine readable medium of claim 49 wherein 
the method further comprises: 

generating a validation hash from at least the clear form rights information; 
decrypting the encrypted internal integrity hash to recover the internal integrity hash; 

and 

comparing the validation hash to the internal integrity hash to detect tzimpering with 

the clear form rights information. 

58. (Cunently Amended) The non-transitory machine readable medium of claim 57 wherein 
the method further comprises: 

disabling the content on the client device if tampering is detected. 

59. (Currently Amended) The non-transitory machine readable medium of claim 49 wherein 
the clear form rights information grants unlimited play for the content on the client device. 

60. (Currently Amended) The non-transitory machine readable medium of claim 59 wherein 
the method further comprises: 

reading the clear form rights information from the client device out to a server device. 

61. (Currently Amended) The non-transitory machine readable medium of claim 49 wherein 
the clear form rights information comprises usage information, the method further 
comprising: 

tracking usage of the content; 

updating the clear form rights information with changes in usage; and 
for each update of the clear form rights information: 

re-obtaining the internal integrity hash of second data comprising the updated 
clear form rights information, said clear form external integrity hash, and said 
externally inaccessible client device key; and 

re-encrypting, and re-storing the internal integrity hash on the client device. 
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